<table border="1" cellspacing="0" cellpadding="8">
    <tr>
        <th>Issue</th>
        <td>
            <a href=https://github.com/llvm/llvm-project/issues/144400>144400</a>
        </td>
    </tr>

    <tr>
        <th>Summary</th>
        <td>
            [tsan] Go's thread sanitizer prints garbage
        </td>
    </tr>

    <tr>
      <th>Labels</th>
      <td>
            compiler-rt:tsan,
            compiler-rt:sanitizer
      </td>
    </tr>

    <tr>
      <th>Assignees</th>
      <td>
      </td>
    </tr>

    <tr>
      <th>Reporter</th>
      <td>
          tuliom
      </td>
    </tr>
</table>

<pre>
    [tsan_go.cpp](https://github.com/llvm/llvm-project/blob/main/compiler-rt/lib/tsan/go/tsan_go.cpp) prints garbage under rare circumstances, e.g.

```
        WARNING: DATA RACE
        Write at 0x�gc000010258 by goroutine 6:
          main.store()
              /tmp/TestOutput2447268894/002/main.go:14 +0x75
          main.racer()
              /tmp/TestOutput2447268894/002/main.go:23 +0x42
```

The file is generated using [buildgo.sh](https://github.com/llvm/llvm-project/blob/main/compiler-rt/lib/tsan/go/buildgo.sh).

I've been able to reproduce this with LLVM 18, 20 and main.
While it seems easier to reproduce on s390x, I've already seen it happen on ppc64le.
The problem goes away when debug information is enabled or a lower `-O` is used.


Steps to reproduce the issue:

1. Build compiler-rt using https://github.com/llvm/llvm-project/blob/main/compiler-rt/lib/tsan/go/buildgo.sh
2. If memory is aligned, you'll see an output similar to this:

```
WARNING: DATA RACE
Read at 0x�'c011110000 by goroutine 2:
  <null>()
      <null>:0 +0x0

Previous write at 0x01c011110000 by main goroutine:
  <null>()
      <null>:0 +0x0
  <null>()
      <null>:0 +0x0

Goroutine 2 (running) created at:
  <null>()
      <null>:0 +0x0
==================
Found 1 data race(s)
```

This will generate gotsan.cpp, link it with https://github.com/llvm/llvm-project/blob/main/compiler-rt/lib/tsan/go/test.c and execute the test.

While debugging it, I noticed the problem happened when executing [AppendNumber](https://github.com/llvm/llvm-project/blob/main/compiler-rt/lib/sanitizer_common/sanitizer_printf.cpp#L62-L65). `internal_memset()` is called with a 16-byte alignment, hitting [this code](https://github.com/llvm/llvm-project/blob/main/compiler-rt/lib/sanitizer_common/sanitizer_libc.cpp#L86-L94).
AFAICS, [this code](https://github.com/llvm/llvm-project/blob/main/compiler-rt/lib/sanitizer_common/sanitizer_libc.cpp#L86-L94) is not storing anything in memory.
</pre>
<img width="1" height="1" alt="" src="http://email.email.llvm.org/o/eJzMVk1v4zYQ_TX0ZWCBoj4sHXyQ7VUQIM0W2aB7DChpLLGlSIGkkri_vqAkJ06CHhp0tzUEJNCIHL43896QWytahbglyY4khxUfXafN1o1S6H5V6ebkI85y9dDqoB4GkhwIyzrnBkuigrCSsLIVrhuroNY9YaWUj-c_68Ho37F2hJWV1BVhZc-FIqysdT8IiWZtfEwKH_I5_F56-f-cj-UwGKGchZabircIo2rQgOEGoRamHnvruKrRErYHDNqA0MI_KV0eWsDy-17c3V7fXpGogENxX8Bdsf9yGTbCIXAH9Jl8KcmuJLtDW1NKaUhZkkF1glYbPTqhEFIP_3UtgMcWWKcNEpYRlr8J-p8H1g-Elfdo3dfRDaNjcbxhaZblMWElpWyhKGg1iYowBsJ29HmTfMxjeI3mX8rDojlPzN7RRmhx3yEchUQQFlpUaLjDBkYrVAsk2VWjkE2rA9v9lL64SMfypc7XhG0eESpEBbySCE6DwcHoZqwRXCcsPAnXwc3Nb79AmPkmYRS4amYiCS2-dxNABxaxt4DcCjRvt9EKbJTTZ796ScilQd6c_CLlF3d8GFD5L4ehTmOJwULfYHQlsYdWowX-xE_w1KGCBquxBaGO2vTcCa08xag8hAa0AQ5SP6EBktL1V5JSHx4tNuf2psU3h4N9D9dXyo44NyehRRjAzrMGF9wu9ft5xaIFC-D6CD322pw8Ei697TSez5MeCdtI6ZkErkBPHQtW9ELyqQ6-iC-ALhv0b_R8h7x5J2PCNjUNwzD0an4rZHYWMon2apSSRF_eCesiEBV0Fsuij18NPgo9Wnh69Q4avk3l-XrN9-lsnzvg1StOICwzo1JCtd5Va4OTmLn7PAHR4TMPLUo9qgZCaLjj4L2MsMzOGT8Y0CRgKV_sB1rt22weDnuQQv3h9TeJ_EfPJbQuqCfzwGesRzcrbno9H3f2kknbrdeYcJNlgNJO1NhMn58NYXYMbGY_mDdcfLXwkeZ27Cs0P8xZLVfCiT_RPNS677V682qauceZ5OgmZeubNPGm6_1IKIdGcfnQY2_RLc0yW1TNpTewqRocwnRdnbwuvNx7VBMbnXBnnJM917rB_wakFFV9hpil6xs_Hqe5UpTF9f6bP-z_9JCeaqUd-PuG55Krk-umhlOLywarZhs1eZTzFW7DTUJpnsRxsuq2eZbxHBOWHes0yY5IsUrykFchr7Im22QrsWWUJTQN03ATbVgSpFEShmGeJekm5pxWJKbYcyEDjzTQpl1NQ2cbxnFM6UryCqWdrpSMXeKNillNjLD9h9ALYh9PDiuznXisxtaSmEphnX3N54STeL6akuQAV5qwjQXX-akML3u9uzuuRiO3_7iAEzhLWLnge9yyvwIAAP__lQt4Yg">